Email-based e-commerce

ABSTRACT

An email payment gateway having electronic commerce (e-commerce) system may send advertisement emails to customers that are registered with the e-commerce system. The advertisement emails may include mailto hyperlinks. Each mailto hyperlink may be associated with a product that is being offered for sale, and each mailto hyperlink describes an email message that may be generated when that hyperlink is selected. When a mailto hyperlink is selected, the generated email message may include one or more parameters related to the product associated with the hyperlink, such as an identifier of the product. The generated email message may then be transmitted to the e-commerce system. The e-commerce system may receive the message and, based on the parameters in the received message, execute a transaction to purchase the identified product on behalf of the customer.

CROSS-REFERENCE TO RELATED APPLICATION

This application is a Continuation of U.S. patent application Ser. No.16/577,951 filed Sep. 20, 2019, which is a Continuation of U.S. patentapplication Ser. No. 15/644,240 filed Jul. 7, 2017, which issued as U.S.Pat. No. 10,438,182 on Oct. 8, 2019, which is a Continuation of U.S.patent application Ser. No. 13/833,521 filed Mar. 15, 2013, which issuedas U.S. Pat. No. 9,710,797 on Jul. 18, 2017, which claims the benefit ofU.S. provisional application No. 61/672,982, filed Jul. 18, 2012, whichare incorporated herein by reference as if fully set forth.

BACKGROUND

The Internet has transformed the manner in which both businesses andcustomers approach commerce. From the business perspective, the Internethas widened the customer base from those located within driving distancefrom a store, to virtually anywhere in the world with access to theInternet. Small retailers can compete more effectively with largeretailers, without the higher costs that are associated with a largephysical store. Additionally, distribution networks have beentransformed, so that smaller numbers of specialized products can beeffectively and efficiently distributed and sold in commerce.

From the perspective of the consumer, the Internet has brought aplethora of new options. Consumers now have available to their goodsfrom any store that has an Internet presence. There is a greater varietyof stores and goods, and a greater amount of competition between stores.This competition keeps prices down for consumers.

However, commerce over the Internet is not without its problems.According to many current approaches to electronic commerce(e-commerce), a customer may register with a vendor (such as an onlineretailer) to receive emails that provide information about products thatare offered for sale by the vendor. The emails may include hyperlinksthat direct the user to web pages on the vendor's web site. Once theyaccess the web site, the customer may obtain additional informationabout, and/or purchase, the products described in the emails.

If the customer originally received an email in a dedicated emailapplication such as Microsoft Outlook, a different application (such asa web browser) must be used in order to view the web pages on thevendor's web site. Further, to purchase a product from the vendor's website, customers are frequently required to enter payment informationsuch as credit card information. Due to this switch to a differentapplication and the entry of credit card information, the process ofpurchasing a product from the vendor becomes inconvenient andtime-consuming.

Further, when non-profit organizations conduct email marketingcampaigns, the donation process may be similar to that described above,and may be fraught with similar problems. Therefore, more streamlinedand convenient approaches to e-commerce would be advantageous.

SUMMARY

A method for use in an e-commerce system may include a database storinginformation that includes an identifier of a customer, an email addressor other electronic contact information of the customer, and anidentifier of one or more products offered by a vendor. The method mayfurther include at least one processor generating an advertising emailmessage. The advertising email message may be addressed to the emailaddress of the customer, and may include a mailto hyperlink. The mailtohyperlink may include a destination address field that indicates anemail address of the e-commerce system, and a body field that indicatesan email body that includes the identifier of the customer and theidentifier of the product. The method may further include a networkinterface transmitting the advertising email message, and the networkinterface receiving an order email message. The order email message mayindicate an order by the customer for the product. The order emailmessage may be responsive to the advertising email message, and may beaddressed to the email address of the e-commerce system. The body of theorder email message may include the identifier of the customer, theidentifier of the product and a quantity of the product. The at leastone processor and the network interface may perform an order executionprocedure based on the order email message, wherein the order executionprocedure includes purchasing the product for the customer.

An e-commerce system may include a database, at least one processor, anda network interface. The database may be configured to store informationthat includes an identifier of a customer, an email address or otherelectronic contact information of the customer, and an identifier of oneor more products offered by a vendor. The at least one processor may beconfigured to generate an advertising email message that is addressed tothe email address of the customer, and includes a mailto hyperlink. Themailto hyperlink may include a destination address field that indicatesan email address of the e-commerce system, and a body field thatindicates an email body that includes the identifier of the customer andthe identifier of the product. The network interface may be configuredto transmit the advertising email message and to receive an order emailmessage. The order email message may indicate an order by the customerfor the product. The order email message may be responsive to theadvertising email message, and may be addressed to the email address ofthe e-commerce system. The body of the order email message may includethe identifier of the customer, the identifier of the product and aquantity of the product. The at least one processor and the networkinterface may be further configured to perform an order executionprocedure based on the order email message, wherein the order executionprocedure includes purchasing the product for the customer.

A computer-readable storage medium having processor-executableinstructions stored thereon which, when executed by at least oneprocessor in an e-commerce system, will cause the at least one processorto perform a method. The method may include storing information thatincludes an identifier of a customer, an email address or otherelectronic contact information of the customer, and an identifier of oneor more products offered by a vendor. The method may further includegenerating an advertising email message, wherein the advertising emailmessage is addressed to the email address of the customer, and includesa mailto hyperlink. The mailto hyperlink may includes a destinationaddress field that indicates an email address of the e-commerce systemand a body field that indicates an email body that includes theidentifier of the customer, the identifier of the product and a quantityof the product. The method may further include transmitting, via anetwork interface, the advertising email message. The method may furtherinclude receiving, via the network interface, an order email message.The order email message may be responsive to the advertising emailmessage, and may be addressed to the email address of the e-commercesystem. The body of the order email message may include the identifierof the customer and the identifier of the product. The method mayfurther include performing an order execution procedure based on theorder email message, wherein the order execution procedure includespurchasing the product for the customer.

BRIEF DESCRIPTION OF THE DRAWINGS

A more detailed understanding may be had from the following description,given by way of example in conjunction with the accompanying drawingswherein:

FIG. 1 shows a logical architecture for an electronic payment gatewayfor engaging in electronic commerce;

FIG. 2 shows the graphical user interface (GUI) on a customer clientdevice as embodied as a smartphone;

FIG. 3 shows a GUI on a customer client device as embodied on a tabletcomputer;

FIG. 4 is an example of an outgoing advertisement email message thatsolicits the purchase of goods from a vendor;

FIG. 5 shows a method for engaging in electronic commerce using email;

FIG. 6 is an example authentication control packet;

FIG. 7 is a flow diagram of a process for generating and embedding UUIDsinto an email.

FIG. 8 is a flow diagram of a process for analyzing return emails andperforming security qualifications on the return emails;

FIG. 9 is a more detailed flow diagram of a process for performingadditional quality checks on return emails;

FIG. 10 is a graphical representation of a plurality of emails with aplurality of buttons;

FIG. 11 , consisting of 11A and 11B is a flow diagram of method forengaging in electronic commerce using email;

FIG. 12 is an email message for placing an order;

FIG. 13 is an advertisement email message that solicits a donation to anon-profit organization;

FIG. 14 is an email message for donating to a non-profit organization;

FIG. 15 is a first order confirmation email message;

FIG. 16 is a flow diagram of an example order confirmation method;

FIG. 17 is a second order confirmation email message;

FIG. 18 is an email message that may be used to confirm an order;

FIG. 19 is an email message that may be used to cancel an order;

FIG. 20 is a flow diagram of an example order execution method; and

FIG. 21 is an example system that may be used to implement featuresdescribed with reference to FIGS. 1-20 .

DETAILED DESCRIPTION

FIG. 1 shows an example logical architecture for an electronic paymentgateway 114 for email-based e-commerce. The electronic payment gateway114 may include a customer client device 120, an e-commerce system 100,a payment processing system 136, a vendor order fulfillment system 138,and a vendor client device 130. The e-commerce system 100 may include anaccount management module 102, a database module 104, an e-commercedatabase 106, a order execution module 108, a security module 109, amessage processing module 110, and an email interface module 112. Aswill be described in further detail below, the e-commerce system 100 andcustomer client device 120 may exchange email messages to initiate andmanage transactions such as donations to non-profit organizations and/orthe purchase of goods and services. Also as will be described in furtherdetail below, the e-commerce system 100 may communicate with the paymentprocessing system 136 and the vendor order fulfillment system 138 toexecute the transactions.

Although the electronic payment gateway 114 will be describedhereinafter as handling e-commerce through email, this is used simplyfor ease of explanation. It should be understood that any form ofelectronic communication may be utilized in a similar manner includingan a short messaging service (SMS) message, a multimedia messagingservice (MMS) message, a text, an instant message, a facebook message, atweet or any other type of current or future messaging type.

Accordingly, all modules specifically set forth in FIG. 1 , such as theemail interface module 112 and the email client 122, to illustrate theexample herein, may be suitably replaced by a corresponding module, forexample a text module, if a different form of electronic communicationis utilized.

The account management module 102 in the e-commerce system 100 maymanage data related to accounts for customers and vendors thatparticipate in commerce via the e-commerce system 100. The accountmanagement module 102 may be or include, for example, a web application.Vendors may interact with the account management module 102 via a webbrowser such as the web browser module 134 in the vendor client device130. As one example, a user of the vendor client device 130 may provideinformation to the account management module 102 such as: product andpricing information to be used for email advertisements to be sent tocustomers in email campaigns; email formatting information to be usedfor email advertisements to be sent to customers; financial informationrelated to bank accounts and/or other types of financial accounts (suchas e-Payment accounts such as PayPal accounts) that may be used toreceived payments from customers of the e-commerce system 100, such asaccount numbers and/or other identifying information; and/or otherinformation. Customers may register with the e-commerce system 100 byinteracting with the account management module 102 via a web browsersuch as a web browser module (not depicted) in the customer clientdevice 120.

A user of the customer client device 120 may provide information to theaccount management module 102 via the web browser such as: an emailaddress associated with the customer; financial information associatedwith the customer, such as a credit card information (such as a creditcard number and expiration date), and/or other information related tobank accounts and/or other types of financial accounts (such ase-Payment accounts) that may be used to make payments to vendors via thee-commerce system 100; shipping address information; billing addressinformation; preferences regarding which vendors the customer would liketo receive email advertisements from; and/or other information. Theaccount management module 102 may, via the database module 104, storeinformation received from the customer client device 120 and/or thevendor client device 130 in the e-commerce database 106. The accountmanagement module 102 may also add information to the e-commercedatabase 106 when customers and vendors register with the e-commercesystem 100, such as customer identifiers, vendor identifiers, and otheridentifying information.

The security module 109 generates a plurality of Universal UniqueIdentifiers (UUIDs) 202. A UUID is an identifier standard used insoftware construction, standardized by the Open Software Foundation(OSF) as part of the Distributed Computing Environment (DCE).

The intent of utilizing UUIDs is to enable distributed systems touniquely identify information without significant central coordination.Since the identifiers have a finite size, it is possible for twodiffering items to share the same identifier. However, the identifiersize and generation process are selected such that this is sufficientlyunlikely.

In one embodiment, the UUIDs have a length of 32 characters, in groups,separated by a “dash” (-) character. For example, in one embodiment, thecode may be: 891BE826-C023-4DAD-9E53-EE62B-836079C.

The message processing module 110 (in conjunction with the emailinterface module 112) may generate and transmit advertisement electronicmessages, for example email messages, to customers that are registeredwith the e-commerce system 100, such as the user of the customer clientdevice 120. The advertisement electronic messages may be HyperTextMarkup Language (HTML) email messages, Rich Text Format (RTF) emailmessages, and/or may be defined according to any other appropriateformat.

The advertisement electronic messages may include Uniform ResourceIdentifiers (URIs) or hyperlinks that are defined according to themailto URI scheme. Each mailto URI or hyperlink may describe a returnelectronic message that may be generated by an email client module (suchas the email client module 122) when that URI or hyperlink is selected.The generated message may include a number of parameters that indicate,for example, a product that was advertised in the advertisement emailthat the customer wishes to purchase. The generated message may then besent to the e-commerce system 100, and received by the messageprocessing module 110; when the generated message is received by themessage processing module 110, the message processing module 110 maythen initiate a transaction to purchase the product indicated in themessage on behalf of the customer. In such an instance, the messageprocessing module 110 may interact with the order execution module 108to perform the transaction.

The email interface module 112 may be configured to use one or moreemail accounts that are associated with the e-commerce system 100, andto send and receive messages associated with the one or more emailaccounts. The email interface module 112 and/or the email client module122 in the customer client device 120 may communicate email messagesusing technologies such as Simple Mail Transfer Protocol (SMTP), PostOffice Protocol (POP) technology, Internet Message Access Protocol(IMAP), Remote Procedure Call (RPC) technology, HyperText TransferProtocol (HTTP), and/or other appropriate technologies. The interfacemodule 112 and/or the email client module 122 may use these technologiesto transmit and/or receive email messages via one or more email servers(not depicted). The email client module 122 may be or include an emailclient such as Microsoft Outlook, Thunderbird, a web browserapplication, or any other client application for the communication ofemail messages. In an instance where the email client module 122 is orincludes a web browser application, the email client module 122 may bethe same web browser described above that may be used to communicatewith the account management module 102; alternatively the email clientmodule 122 and the web browser described above that may be used tocommunicate with the account management module 102 may be different.

The payment processing system 136 may be, as one example, a paymentgateway that is operated by an acquiring financial institution. In aninstance where the payment processing system is a payment gateway, thepayment processing system 136 may have a connection to one or morebanking networks (not depicted) that it may use to process payments. Theorder execution module 108 may communicate with the payment processingsystem 136 using technology such as Transport Layer Security (TLS) orSecure Sockets Layer (SSL) technology. The vendor order fulfillmentsystem 138 may be an order management system (OMS), Enterprise ResourcePlanning (ERP), supply chain management, electronic purchasing system,inventory control system, or any other appropriate system for fulfillingorders.

The e-commerce database 106 may store information such as informationthat describes email campaigns, email advertisements that may be sent tocustomers, customer information, vendor information, productinformation, donation-related information, order status information,and/or other information. Further the e-commerce database 106 may storeinformation that indicates correspondences between different emailcampaigns, advertisements, customers, vendors, products, donations,information related to order statuses, and/or other information. Foreach email campaign, the e-commerce database 106 may store informationthat include an identifier of the vendor associated with the campaign,identifiers of the products associated with the campaign, and/or otherinformation. For each order that is placed with the e-commerce system100, the e-commerce database 106 may store information such as anidentifier of the customer that placed the order, when the order wasplaced, an identifier of the vendor associated with the order, and/orother information.

For each product described in the e-commerce database 106, thee-commerce database 106 may store information that includes anidentifier of the product (or donation), a description of the product, atitle of the product, an identifier of the vendor associated with theproduct, a cost of the product, amount of the product in stock, and/orother information. According to one approach, data that describesdonations may be handled within the e-commerce database 106 in theprimarily the same way as the data that describes products.

As one example, the e-commerce database 106 may store information thatindicates that a type of wine (e.g., “Wine One,” with a productidentifier of “0005”) is sold by a vendor (e.g., “The Wine Shop,” with avendor identifier of “0163”) for $15.00.

Further, the e-commerce database may also store information thatindicates that an example vendor that is a non-profit or potentialorganization (e.g., “Charitable Organization,” with a vendor identifierof “1043”) may receive donations for $5.00, $10.00, $25.00, $50.00, and$100.00. Each of the different donation amounts may be stored in thee-commerce database 106 as a different product. For example, the $100donation may have a product identifier (or “donation identifier”) of“0099.” Further according to this example, the e-commerce database 106may store information that indicates that the product with identifier“0099” indicates a donation of $100.00 to a vendor with the identifierof “1043.”

Alternatively or additionally, the e-commerce database 106 may storeinformation (e.g., one or more flags or other fields) that indicates,for each product/donation, whether the product/donation relates to adonation or to a purchase of goods.

The e-commerce database 106 may be spread across one or any number ofcomputer-readable storage media (not depicted). The e-commerce database106 may be or include, for example, a relational database, ahierarchical database, an object-oriented database, a flat file, aspreadsheet, or a structured file. The database module 104 may interfacewith a database management system (not depicted) in order to add datato, modify data in, or obtain data from the e-commerce database 106.Alternatively or additionally, the database module 104 may performdatabase driver and/or database client functionality to interact withthe database management system. The database management system may bebased on a technology such as Microsoft SQL Server, Microsoft Access,MySQL, PostgreSQL, Oracle Relational Database Management System (RDBMS),Not Only SQL (NoSQL), or any other appropriate technology.

Each or any combination of the modules described above with reference toFIG. 1 (including the account management module 102, database module104, order execution module 108, message processing module 110, emailinterface module 112, email client module 122, web browser module 134,and the web browser module in the customer client device 120) may beimplemented as software modules, specific-purpose processor elements, oras combinations thereof. Suitable software modules include, by way ofexample, an executable program, a function, a method call, a procedure,a routine or sub-routine, one or more processor-executable instructions,an object, or a data structure. Additionally, the system 100 maycomprise a single server or computer, or may comprise a plurality ofservers or computers, or a much larger integrated or distributedcomputer network including a plurality of computers and communicationdevices and networks, such as is commonly referred to as “the cloud”.One example of such an extended network is the Internet. The terminologycustomer client device 120 will be referred to hereinafter as comprisinga mobile or stationary device or terminal, commonly embodied as ahandheld device such as a smartphone shown in FIG. 2 or a tablet shownin FIG. 3 .

Security and the integrity of information has become a primary concernof Internet users and Vendors alike. Accordingly, one feature of thepresent invention is a system and method for authenticating emails andensuring the integrity of the email transaction.

As will be described in greater detail hereinafter, the system andmethod utilize a plurality of unique identifiers that are associatedwith specific authentication information. These unique identifiers areselectively embedded in each transmitted outgoing email. FIG. 4 is anexample of an outgoing email 440. As will be explained in detailhereinafter, the outgoing email 440 includes a plurality of selectablehyperlinks or buttons 420 a-e, 422 a-e, each of which having anassociated embedded unique identifier. Any incoming email (i.e. replyemail) that is received in response to the outgoing email 440 shouldinclude one or more of these embedded unique identifiers if the replyemail is to be authenticated.

When a reply email is received, it is parsed for evidence of one or moreof these embedded identifiers. The one or more of the embeddedidentifiers are compared to the authentication information. If thecomparison is favorable, the authentication of the reply email iscomplete. If the comparison is not favorable, additional measures aretaken to attempt to authenticate the reply email, or the authenticationprocess is ultimately terminated, and the reply email is deemed to beunauthenticated and the transaction is denied.

Referring to FIG. 5 , a method 500 for authenticating an email inaccordance with the present invention is shown. The method 500 is shownbetween the system 100 and a customer client device 120. Asaforementioned, the security module 109 generates 502 a plurality ofUUIDs. The UUIDs as delivered in an email message are “opaque”, in thatthe associated authentication information is not ultimately derivablefrom parsing the UUID. Although the UUID will be associated withparticular authentication information within the database 106, (such asa user, a campaign, a particular item or donation amount, an expirationdate, etc.), this information is not derivable from the UUID.

Once the UUIDs are generated 502, they are stored 504 in the database106 for later use. It should also be understood by those of skill in theart, that the storing 504 of the UUIDs is not necessary, in that theUUIDs may be generated 102 upon demand, (i.e. when they are needed), sothat storing 504 of the UUIDs is not necessary. Accordingly, those ofskill in the art should understand step 504 as being optional.

When a new email “campaign” is to be conducted, the UUIDs are retrievedfrom memory, (or the UUIDs are generated upon demand if they were notpreviously generated and stored). The UUIDs are associated 506 withparticular authentication information to create an authenticationcontrol packet 300. This will be explained in greater detail hereinafterwith reference to FIG. 3B.

Referring to FIG. 6 , an authentication control packet 600 is shown. Theportions of the authentication control packet 600 will be described withreference to FIG. 6 , and the related portions of an associated email440 will be described with reference to FIG. 4 . The authenticationcontrol packet 600 includes a UUID 602 and a plurality of fields604-618N relating to authentication information. Although specificfields 604-618N are shown and described herein, it should be understoodby those of skill in the art that a subset of these fields may be used,more fields may be added to this list of fields, or a completely new setof fields may be used without departing from the teachings herein.

As will be described in detail hereinafter, the UUID 602 is the uniqueidentifier that will be imbedded in a portion of an email, for exampleoutgoing email 440 shown in FIG. 4 , and parsed from a reply email andused for authentication. In this particular example, the fields 604-618Ninclude a client identifier field 604, an email campaign field 606 anitem or donation amount field 608, an email address field 310, a subjectline field 312, a member field 314 and a timestamp field 316. As isgraphically illustrated by fields 618A-618N, a plurality of other fieldsrelating to other identification parameters may optionally be included.

The client identifier field 604 identifies the particular client orvendor who has initiated the email “campaign”. By way of example, if thevendor is The Wine Shop, the client identifier field 604 will includethe name The Wine Shop, or an alpha-numeric identification thereof.

The email campaign field 606 identifies the particular email “campaign”of which the email is a part. By way of example, a particular vendor maywish to send out several emails to all or portions of its customersduring different times of the year, to different customers orhighlighting different products. Each of these emails is referred tohereinafter as an email “campaign”. The email campaign field 606identifies one of the email campaigns of which this UUID 602 is a part.

The item or donation amount field 608 identifies a particular item or aparticular donation amount that this UUID 602 is associated with. Forexample, the UUID 602 may be associated with the “one bottle of redwine” button selection.

In an alternative example, the UUID 602 may be associated with adonation amount of $150.

The email address field 610 identifies the email address to which theUUID 602 will be sent.

The subject line field 612 identifies the subject line of the email inwhich the UUID 602 will be sent.

The member field 614 identifies the member associated with the emailaddress to which the UUID 602 will be sent.

The timestamp field 616 identifies the time at which the emailassociated with the UUID 602 is sent.

The parameter A—parameter M fields 618A-618N graphically represent aplurality of other fields that may me used to provide additional levelsof security and verification. For example, emails may be send from oneor more servers or countries, or may include one or more “keys” thatwill be later used to verify whether a particular email is authentic.

Referring back to FIG. 5 , after each UUID is associated is associated506 with particular authentication information to create anauthentication control packet 600, one or more UUIDs are embedded in anemail 440 as one or more buttons 420 a-e, 422 a-e, as shown in FIG. 4 .The process 507 of steps 506 and 508 will be described in greater detailwith respect to FIG. 7 .

The process 507 begins with the retrieval 702 or generation of one ormore UUIDs. An associated email is generated 704, and the one or moreUUIDs are associated 706 with (or embedded into) one or selectablebuttons 420 a-e, 422 a-e within the email 440. The one or more buttons420 a-e, 422 a-e are inserted 708 into the email 414, and then theremainder of the information is inserted 710 into the email 440. TheUUID along with the authentication control packet 600 is then stored712.

It would be understood by those of skill in the art that although thesteps 702-712 of FIG. 7 are shown in a particular order, some of thesteps may be changed or eliminated. For example, when an email isgenerated 704, it may include all of the relevant information, andtherefore step 710 may be unnecessary. Additionally, steps 706 and 708may be performed simultaneously by associating the UUID with a button asit is being embedded in an email. These changes will not depart from thespirit or scope of the present invention.

Referring back to FIG. 5 , the email 440 is then transmitted 510 fromthe system 100 to the customer client device 120.

The customer client device 120 receives 512 the email 440, and the useris allowed to review the email 440 and make a selection 514 of one ormore of the buttons 420 a-e, 422 a-e.

The selection 514 of one or more of the buttons 420 a-e, 422 a-e by theuser causes the customer client device 120 to generate 516 a returnemail which includes the UUIDs associated with the one or more selectedbuttons 420 a-e, 422 a-e. The return email included the UUIDs is thentransmitted 518 from the customer client device 120 to the system 100.It should be noted by those of skill in the art that although the returnemail is shown being transmitted 518 back to the system 100, it may alsobe sent directly to a third party site, or through a third party site tothe system for processing without departing from the spirit and scope ofthe present invention.

The system 100 (or the third party site) receives 520 the return emailand parses 524 the return email for the one or more UUIDs, andoptionally other important authentication information, as will beexplained in greater detail hereinafter. Once the UUIDs and the optionalauthentication information is parsed 524 from the return email, securityqualification on the UUIDs is performed 526.

The process 525 of steps 524 and 526 will be described in greater detailwith respect to FIG. 8 .

The return email is parsed 802 for the one or more UUIDs that areembedded in the return emails, and is also optionally parsed for otherimportant authentication information 804.

Those of skill in the art would understand that steps 802 and 804 may beperformed in opposite order, or may be performed together. Theauthentication control packet 600 is retrieved 806 and one of theparameters 602-618N is selected 808 and compared 810 to the informationparsed from the return email. In a simplest example, the UUID that isparsed 802 from the return email is compared 810 to the UUID 602 in theauthentication control packet 600 to determine if they match. If thematch is not favorable, a negative security qualification indication isgenerated 814. In essence, that selected parameter 602 is indicated asfailed.

It should be understood that the process 525 may be terminated afteronly a single failure, or a certain threshold of positive matches forthe selected parameters may be set. In another alternative, theparameters may be selectively weighted, and the process 525 may beterminated or deemed a success based upon a certain threshold beingmissed or met, respectively.

Referring to step 816, if not all of the parameters have been reviewed,the next parameter is selected 818 and the process continues at step810. If all of the parameters have been reviewed and qualified 816, avalid email has been confirmed 820 and a positive security qualificationindication is generated 822.

Referring back to FIG. 5 , the transaction is continued or denied 528based upon the success or failure of the security qualificationsdetermined in step 525. Step 528 is shown in greater detail withreference to FIG. 9 .

Referring to FIG. 9 , one or more security qualification indications arereceived 902, and it is determined 904 whether an “overall” positiveindication has been received as determined at step 822, whether it is bythreshold, weighting, or some other method. If this indication isnegative, a failure email is generated 906 and transmitted 908.

This failure email may not be the end of the process. For example, thefailure email may be an opportunity for the vendor to gain another user,if a user other than the intended user sent in a return email.Additionally, other security questions may be sent in the failure emailin order to “rehabilitate” the rejected email.

Even if the positive security qualification has been determined at 904,some vendors may require additional checks 910. If all checks have notbeen completed, step 910 is repeated.

For example, each vendor may have a separate security check such as apassword, a biometric identifier of the person, a keyword or anidentification of the particular user's computer. Step 910 permits theprocess 528 to be customized by different vendors.

Once it has been determined 912 that all checks have been completed, itis determined whether all checks are successful 916. Again, this step916 may require all checks to be positive, may require a certain numberor percentage of checks be completed, or may require that a certain“weight” be achieved in a weighting scheme that applies more weights tocertain checks than to others. If the checks are determined 916 to besuccessful, the transaction proceeds 920 and a confirmation is sent 922to the user.

If the checks are determined 916 to be unsuccessful, the transactionproceeds to generate 906 a failure email and send and 908 the failureemail to the user as described hereinbefore.

Referring to FIG. 10 , the result of the processes describedhereinbefore are that each email 440 with a plurality of buttons (i.e.1-14 as shown in FIG. 10 ) is generated. As is graphically representedin the left side of FIG. 10 , each button has a UUID embedded within it.

Additionally, as is graphically represented in one million emails 440 ₁through 440 _(1,000,000) on the right side of FIG. 10 , each separatebutton within each separate email has a unique UUID. Therefore, if eachemail has 14 different buttons, and one million emails are generated,then 14 million UUIDs are generated and embedded into the emails. Thisensures that when a button is selected within an email, and the UUID issent in a return email, the system 100 will know exactly which specificbutton from which specific user was selected. Along with the securityqualifications, the present invention ensures not only identity, butalso security.

In addition to, or as an alternative to, the features of these modulesdescribed above with reference to FIG. 1 , these modules may performfunctionality described below with reference to the remaining Figures.

FIG. 11 , (comprising 11A and 11B) is an example method 1100 foremail-based electronic commerce. FIG. 11 shows components of thee-commerce system 100, including the message processing module 110, theorder execution module 108, and the email interface module 112. FIG. 11also show the email client module 122 of the customer client device 120,as well as the payment processing system 136 and the vendor orderfulfillment system 138.

The method 1100 of FIG. 11 may begin with the message processing module110 determining that an advertising email message should be sent tocustomers of the e-commerce system 100 (step 1102). This determinationmay be based on, for example, information provided by a user of thevendor client device 130 to account management module 102 in thee-commerce system 100 via the web browser module 134 in the vendorclient device 130. This information may include, for example, aninstruction that indicates that the advertising email message should besent. Alternatively or additionally, this information may includeinformation that defines an email campaign. Information that defines anemail campaign may include information that describes the format andcontents of the advertising email message. For example, the informationmay indicate the products that should be indicated in the advertisingemail message, the quantities in which they may be bought, prices forthe products, and/or other information.

Alternatively or additionally, in an instance where the advertisingmessage is a solicitation for a donation to a non-profit organization,this information may describe amounts of suggested donations.

Information that defines the email campaign may also include parametersthat define customers to whom the advertising emails should be sent. Forexample, a campaign may be defined such that the advertising emails willbe sent only to users who have not purchased an item from the vendorsince a given time period.

The message processing module 110 and/or the email interface module 112may then generate the advertising email messages that are to betransmitted according to the information that describes the emailcampaign (step 1104). This may include, for example, the messageprocessing module 110 obtaining information from the e-commerce database106 via the database module 104 that indicates a list of email addressesand other identifying information (such as customer identifiers) forcustomers that are the intended recipients of the email messages asdescribed in the email campaign information. The advertising emailmessages may indicate that they are being sent by one of the emailaccounts used by the e-commerce system 100. This may also include themessage processing module 110 assigning an email campaign identifierthat is associated with this email campaign.

Further, the email messages generated by the message processing module110 may include one or more mailto hyperlinks that define the contentsof email messages that are generated when the mailto hyperlinks areselected. For example, and as will be described in further detail below,the message processing module 110 may generate the contents of themailto hyperlinks such that the hyperlinks include information thatidentifies products that are being sold by a vendor. When the mailtohyperlinks are selected, new email messages are generated that may beused to initiate orders to purchase the identified products.

Further, the email messages generated by the message processing module110 may include one or more security features generated by the securitymodule 109 within the mailto hyperlinks that define the identity of eachbutton within the email. The security features may include theparameters as discussed with reference to FIG. 6 .

Mailto hyperlinks in the advertising email messages may include one orany combination of the following fields: a “mailto:” and/or “to” fieldthat indicate one or more email addresses of recipients of the newmessage; a “Copy To” or “CC” field that indicates one or more emailaddresses of recipients to whom a copy of the new message should besent; a “Blind Copy To” or “BCC” field that indicates one or more emailaddresses of recipients to whom a blind copy of the new message shouldbe sent; a field that indicates the subject of the new message; and afield that indicates the body of the new message. The mailto hyperlinksmay be defined according to the format described in Internet EngineeringTask Force (IETF) RFC2368, which is incorporated by reference as iffully set forth herein.

The email interface module 112 may then transmit one of the generatedadvertising email messages to the email client module 122 (step 1106).

The email message may be received by the email client module 122 anddisplayed by the email client module 122 (step 1108).

Referring now to both FIG. 11 and FIG. 4 , FIG. 4 shows an email displaywindow 440 that may be used by the email client module 122 to display afirst example email message from the message processing module 110 (step1100). The email display window 440 may include a Reply button 442, acontrol area 444, and a message body area 446. The control area 444 maydisplay control and/or header information associated with the emailmessage, such as the email addresses of the sender and recipient of themessage. According to this example, the control area 444 shows that thesender of the message has the email address “sales@company.com.” This isan email address that may be associated with an account used by thee-commerce system 100 for the communication of email messages. Furtherto this example, the control area 444 shows that the email address ofthe example recipient of the message (John Smith) is“john.smith@customer.com.” The control area 444 may also displayinformation such as a subject of the email message and the time theemail message was sent. The Reply button 442 may respond to user inputto generate a new display element (not depicted) to respond to the emailmessage.

The message body area 446 may display the body of the email message. Asshown in FIG. 4 , the message body area 446 may display an example emailmessage that shows information related to two example products (Wine Oneand Wine Two) that are being offered for sale by an example vendor (TheWine Shop). The message body area 446 includes a picture of a bottle ofeach type of wine, as well as the price for a bottle of each type ofwine. The message body area 446 also includes, under the picture of thebottle of Wine One, a number of mailto hyperlinks, such as the “1Bottle,” hyperlink 420 a “2 Bottles,” hyperlink 420 b “3 Bottles”,hyperlink 420 c “6 Bottles,” hyperlink 420 d and “1 Case (10% Discount)”hyperlink 420 e. The message body area 446 also includes similar linksunder the picture of the bottle of Wine Two. These links 420 a-e may bedefined according to the mailto URI scheme or other appropriate format,and each may describe a new email message that may be generated by theemail client module 122 when that link is selected.

The “1 Bottle” hyperlink 420 a beneath the picture of the Wine Onebottle may include information that describes an email message that, ifreceived by the e-commerce system 100, will indicate to the e-commercesystem 100 that John Smith would like to purchase one bottle of WineOne. As a further example, Wine One may have a product identifier of“0005,” and John Smith may have a customer identifier of “0777.”According to this example, the “1 Bottle” hyperlink may describe anemail message that is addressed to an email account that is associatedwith the e-commerce system 100, and that includes a message body thatincludes the identifier for John Smith (“0777”), an identifier of theselected product (“0005”), and an identifier of the quantity that JohnSmith would like to order (in this example, a single bottle).

Alternatively or additionally, the email message described by thehyperlink may include information such as text that describes the order,an identifier of the vendor (in this example, The Wine Shop), an emailcampaign identifier, and/or other information. Similarly, the “2Bottles”hyperlink 420 b beneath the picture of the Wine One bottle may includeinformation that describes an email message that, if received by thee-commerce system 100, will indicate to the e-commerce system 100 thatJohn Smith would like to purchase two bottles of Wine One. According tothis example, and by way of example only and not to be limiting, the“2Bottles” hyperlink 420 b may be defined as follows:

<a href=“mailto:sales@company.com?

subject=Purchase%20from%20Wine%20Shop%20&

body=You%20have%20created%20an%20order%20for%20two%20bottles%20of%20Wine%200ne.%20Press%20the%20Send%20button%20to%20complete%20the%20order.%0A%0AProductID0005%20QualifierNA%20Qty0002%20CustomerID0777%20CampaignID0003”

target=“_blank”>2 Bottles</a>

Similarly, the “3 Bottles,” “6 Bottles,” and “1 Case (10% Discount)”hyperlinks 420 c-e beneath the picture of the Wine One bottle indicatecorresponding information for three bottles, six bottles, and one caseof bottles, respectively. Additionally, the “1 Bottle,” “2Bottles,” “3Bottles,” “6 Bottles,” and “1 Case (10% Discount)” hyperlinks 420 a-eunder the Wine Two bottle indicate corresponding information for WineTwo as that described above with respect to the mailto hyperlinksrelating to Wine One.

The email client module 122 may receive a user input that indicates thatone of the hyperlinks displayed in the message body area 446 isselected. The user input may be, for example, a mouse click, keyboardinput, or any other type of input that indicates that a hyperlink isselected. Referring again to FIG. 2A, the email client module 122 may,in response to this user input, generate and display an order emailmessage as specified by the selected hyperlink (step 248).

Referring now to FIG. 11 , FIG. 4 , and FIG. 12 , FIG. 12 shows anexample message composition window 1200 that may be displayed inresponse to a selection of a hyperlink from the message body area 446 ofthe email display window 440 of FIG. 4 (step 1110). The messagecomposition window 1200 of FIG. 12 may include a Send button 1202, a Toarea 1204 a CC area 1206 a BCC area 1208, a Subject area 1210, and amessage body area 1212. The Send button 1202 in the message compositionwindow 1200 of FIG. 12 may be responsive to input from a user such as amouse click, keyboard input, or any other type of input. The differentareas 1204-1212 in the message composition window 1200 display differentportions of an email message. For example, the To area 1204 includestext that indicates email addresses to which the email message isaddressed, while the message body area 1212 displays the contents of thebody of the email message. Each or any of these different areas1204-1212 may be editable based on user input. Changes to the contentsof these areas 1204-1212 may change the corresponding portion of theemail message.

FIG. 12 shows an example wherein the “2Bottles” hyperlink 420 b beneaththe picture of the Wine One and described above with reference to FIG. 3is selected. The To area 1204 indicates that the message is addressed tosales@company.com. The Subject area 1210 indicates that the subject ofthe message is “Purchase from Wine Shop.” The CC area 1206 and BCC area1208 are blank. Continuing the example of FIG. 12 , Wine One product hasa product identifier of “0005” and John Smith has a customer identifierof “0777.” Accordingly, the message body area 1212 includes the text“ProductID0005” and “CustomerID0777.” To indicate that the user hasselected the purchase of two bottles, the message body area 1212includes the text “Qty0002.” Further, the message body area 1212includes the text “CampaignID0033,” indicating that the order isassociated with an email campaign with an identifier of “0033.”

Alternatively, or in addition to the message body area having the text“ProductID0005,” “CustomerID0777,” “Qty0002,” and “CampaignID0033,”which clearly refer to what is being selected and include proprietaryinformation (such as customer ID), the message body area 1212 mayinclude a UUID of the selected button or hyperlink. As shown, the UUIDprovides much more security, since it random and users cannot tamperwith it as they could with the identifiable text information.

In an instance where a different hyperlink from the message body area446 of FIG. 12 is selected, the display areas 1204-1212 in the messagecomposition window 440 may include contents specified by the selecteddifferent hyperlink. For example, in an instance where one of thehyperlinks 422 a-422 e related to Wine Two is selected, the message bodyarea would not include the text “ProductID0005,” but would include textthat indicates the corresponding identifier for Wine Two. Alternatively,a different UUID will be included.

Referring now to both FIG. 11 and FIG. 13 , FIG. 13 shows an emaildisplay window 1300 that may be used by the email client module 122 todisplay a second example email message from the message processingmodule 110 (step 1108). The email display window 1300 includes a Replybutton 1302, a control area 1304, and a message body area 1306. Thesedisplay elements 1302, 1304, 1306 may possess similar and/or analogouscharacteristics and/or perform similar functionality as correspondingdisplay elements 442, 444, 446 in the email display window 1300 of FIG.4 . According to the example of FIG. 13 , the control area 1304 showsthat the sender of the message has the email address“donate@company.com.” This is an email address that may be associatedwith an account used by the e-commerce system 100 for the communicationof email messages. Further to this example, the control area 544 showsthat the email address of the example recipient of the message (JohnSmith) is “john.smith@customer.com.”

As shown in FIG. 13 , the message body area 1306 of the email displaywindow 540 may display an example email message that shows informationrelated the solicitation of donations for an example non-profitorganization (“Charitable Organization”). The message body area 1306also includes a plurality of buttons 1308 a-e or mailto hyperlinks, suchas the “$5.00,” hyperlink 1308 a “$10.00,” hyperlink 1308 b “$25.00,”hyperlink 1308 c “$50.00,” hyperlink 1308 d and “$100.00” hyperlink 1308e. These hyperlinks may possess similar and/or analogouscharacteristics, and/or include similar and/or analogous information, asthe mailto hyperlinks described above with reference to FIG. 4 . Eachbutton 1308 a-e has an associated UUID. The “$5.00” hyperlink 1308 adescribes an email message that, if received by the e-commerce system100, will indicate to the e-commerce system 100 that John Smith wouldlike to donate $5.00 to Charitable Organization. Similarly, the“$10.00,” “$25.00,” “$50.00, ” and “$100.00” hyperlinks 1308 b-edescribe email messages with corresponding information for $10.00,$25.00, $50.00, and $100.00 donations, respectively.

The email client module 122 may receive a user input that indicates thatone of the hyperlinks displayed in the message body area 1306 isselected. Referring again to FIG. 11 , the email client module 122 may,in response to this user input, generate and display an order emailmessage as specified by the selected hyperlink (step 1110).

Referring now to FIG. 11 , FIG. 13 , and FIG. 14 , FIG. 14 shows anexample message composition window 1400 that may be displayed inresponse to a selection of a hyperlink from the message body area 1306of the email display window 1300 of FIG. 13 (step 1108). The messagecomposition window 1400 of FIG. 14 may include a Send button 1402, a Toarea 1404, a CC area 1406, a BCC area 1408, a Subject area 1410, and amessage body area 1400. These display elements 1402-1412 may possesssimilar and/or analogous characteristics and/or perform similarfunctionality as corresponding display elements 1202-1212 in the messagecomposition window 1200 of FIG. 12 .

FIG. 14 shows an example wherein the “$100.00” hyperlink 1308 e from themessage body area 1306 of the email display window 1300 of FIG. 13 isselected. The To area 1404 indicates that the message is addressed todonate@company.com. The Subject area 1410 indicates that the subject ofthe message is “Donation to Charitable Organization.” The CC area 1406and BCC area 1408 are blank. According to this example, a donation of$100.00 to Charitable Organization has a product identifier of “0099,”and John Smith has a customer identifier of “0777.” Accordingly, themessage body area 1412 includes the text “ProductID0099” and“CustomerID0777.” Further, the message body area 1412 includes the text“CampaignID0044,” indicating that the order is associated with an emailcampaign with an identifier of “0044.”

Alternatively, or in addition to the message body area having the text“ProductID0099,” “CustomerID0777,” “Qty0001,” and “CampaignID0044,”which clearly refer to what is being selected and include proprietaryinformation (such as customer ID), the message body area 1412 mayinclude a UUID of the selected button or hyperlink. As shown, the UUIDprovides much more security, since it random and users cannot tamperwith it as they could with the identifiable text information.

Referring again to FIG. 11 , the email client module 122 may send thegenerated order email message to the e-commerce system 100 (step 1112).This may be performed in response to input from a user of the customerclient device 120. As one example, the email client module 122 may, inresponse to a selection of the Send button 1202 in the messagecomposition window 1200 of FIG. 12 , transmit an order email messagebased on the contents of the fields 1202-1212 in the message compositionwindow 1200.

As another example, the email client module 122 may, in response to aselection of the Send button 1402 in the message composition window 1400of FIG. 14 , transmit an order email message based on the contents ofthe fields 1404-1412 in the message composition window 1400.

Referring back to FIG. 11 , the email interface module 112 and themessage processing module 110 may then receive the order email message(step 1114). This may include, for example, the message processingmodule 110 periodically querying the email interface module 112 forinformation related to new messages received by the email interfacemodule 112 for one or more of the email accounts used by the e-commercesystem 100.

Further, the message processing module 110 may validate the contents ofthe order email message by determining if the message is formattedcorrectly and/or includes information that it should include. Forexample, the message processing module 110 may be configured to expectthat the text of the body of the order email message should includeinformation related to an order placed by a customer, such as anidentifier of a customer that transmitted the message, a productidentifier, an identifier that indicates a donation amount, anidentifier of a vendor associated with the order, information thatindicates a quantity associated with the order, a campaign identifier,and/or other information. In an instance where the message processingmodule 110 determines that the information included in the order emailmessage is invalid (e.g., if one or more required pieces of informationare missing and/or formatted incorrectly), the message processing module110 may send one or more emails (not depicted) to the email address fromwhich the order email message was received, indicating that the orderemail message could not be correctly processed.

Alternatively or additionally, the message processing module 110 mayvalidate the contents of the order email message by determining whetherit includes information that matches data stored in the e-commercedatabase 106. For example, the message processing module 110 maydetermine whether one or more identifiers, (such as a customeridentifier, product identifier, vendor identifier, or campaignidentifier), in the message corresponds to a valid identifier in thee-commerce database 106. In an instance where the message processingmodule 110 determines that the information included in the order emailmessage is invalid (e.g., if one or more of the identifiers in themessage are not valid identifiers), the message processing module 110may send one or more emails (not depicted) to the email address fromwhich the order email message was received, indicating that the orderemail message could not be correctly processed.

The message processing module 110 may then determine whether an orderconfirmation procedure should be performed (step 1116). This may bebased on, for example, a parameter related to the vendor with which theorder corresponding to the order email message is associated. Forexample, a vendor might configure the e-commerce system 100 such thatall orders for that vendor do or do not require an order confirmationbefore the orders are processed. This information may be provided to theaccount management module 102 in the e-commerce system 100 via, forexample, the web browser module 134 in the vendor client device 130. Theaccount management module 102 may store this information in thee-commerce database 106. To perform this determination, the messageprocessing module 110 may determine which vendor to which the orderpertains, based on a product identifier and/or vendor identifier includein the order email message. The message processing module 110 may thenaccess the e-commerce database 106 via the database module 104 todetermine whether this vendor has indicated whether an orderconfirmation is required before the order is processed.

Alternatively or additionally, the message processing module 110 maydetermine whether an order confirmation procedure should be performedbased on the nature of the order (step 1116). For example, the messageprocessing module may be configured to determine that orders that do notrequire fulfillment of an order by a merchant, (for example, orders thatrelate only to a donation or other pure exchange of funds), do notrequire an order confirmation procedure, while orders that relate torelate to the fulfillment of an order for tangible goods do require anorder confirmation procedure.

In an instance where the message processing module 110 determines thatan order confirmation procedure is required, the message processingmodule 110, email interface module 112, and the email client module 122may perform an order confirmation procedure (step 1118).

As one example, the order confirmation procedure (step 1118) may includethe transmission of one or more confirmation email messages (notdepicted) from the message processing module 110 to the email clientmodule 122 that indicates that the order has been received. Theseconfirmation email messages may be generated by the message processingmodule 110, and transmitted to the email client module 122 via the emailinterface module 112. One example of such a confirmation email messageis shown in FIG. 15 .

FIG. 15 shows an email display window 1500 that may be used by the emailclient module 122 to display the example confirmation email messagereceived from the message processing module 110. The email displaywindow 1500 includes a Reply button 1502, a control area 1504, and amessage body area 1506. These display elements 1502, 1504, 1506 maypossess similar and/or analogous characteristics and/or perform similarfunctionality as corresponding display elements 442, 444, 446 in theemail display window 440 of FIG. 4 .

Alternatively or additionally, during the order confirmation procedure(step 1118), the message processing module 110 (in conjunction with theemail interface module 112) may exchange one or more email messages withthe email client 122, in order to determine whether the order should becanceled, or whether the order should be executed. In such an instance,the message processing module 110 and/or the order execution module 108may determine, based on the exchange email messages, whether the ordershould be executed.

Alternatively or additionally, the order confirmation procedure (step1118) may be, or include, the any or any combination of the actionsshown in FIG. 16 , which is described in further detail below.

In an instance where the message processing module 110 and/or the orderexecution module 108 make a determination that the order should beexecuted, or in an instance where an order confirmation procedure is notperformed, and/or in any other appropriate context, an order executionprocedure may be performed, to complete the order indicated in the orderemail message (step 1120). The message processing module 110, the orderexecution module 108, the payment processing module 136, and/or thevendor order fulfillment system 138 may participate in the orderexecution procedure (step 1120).

The order execution procedure (step 1120) may include, for example, theorder execution module 108 accessing credit card accounts and/or otherfinancial information related to the customer that is stored in thee-commerce database 106 via the database module 104. This may alsoinclude the order execution module accessing bank account and/or otherfinancial information related to the vendor that is stored in thee-commerce database 106 via the database module. The order executionmodule 108 may transmit the financial information related to both thecustomer and the vendor to the payment processing system 136, indicatingthat a payment should be made from the account of the customer to theaccount of the vendor.

Alternatively or additionally, an example order execution procedure(step 1120) may include one or more of the following actions: The orderexecution module 108 may access the order email message, which mayinclude an identifier of the customer and a donation identifier/productidentifier. Based on the donation identifier, the order execution module108 may determine the non-profit organization to which the donationindicated in the order email message is intended.

Further, the order execution module 108 may determine, based on thedonation identifier, the amount to be donated. The order executionmodule 108 may determine the non-profit organization to which thedonation indicated in the order email message is intended and the amountto be donated by, for example, querying the e-commerce database 106 (viathe database module 104). Further, the order execution module 108 mayperform a query of the e-commerce database 106 (either directly or viathe database module 104) to obtain financial information for thecustomer and the non-profit organization. The query to the e-commercedatabase 106 for the customer's financial information may include theidentifier of the customer, and the response to the query may be thecustomer's financial information. Similarly, the query to the e-commercedatabase 106 may include the identifier of the vendor, and the responseto the query may be the vendor's financial information The financialinformation for the customer may include, for example, credit cardinformation (such as a credit card number and expiration date), and/orother information related to a bank account and/or other type offinancial accounts (such as an e-Payment account). The financialinformation for the vendor may include information related to a bankaccount and/or other types of financial account (such as an e-Paymentaccount) held by the vendor.

The order execution module 108 may transmit the financial informationrelated to both the customer and the vendor to the payment processingsystem 136. As one example, the transmitted financial information mayinclude an account number of the vendor and the credit card number andexpiration date for a credit card account held by the customer, and thetransmitted financial information may indicate that payment should bemade to the to the identified account of the vendor from the credit cardaccount of the customer for the amount indicated in the order emailmessage.

Alternatively or additionally, the order execution procedure (step 1120)may include the order execution module 108 sending one or more messagesto the vendor order fulfillment system 138 related to the order. Forexample, the order execution module 108 may send one or more messages tothe vendor order fulfillment system 138 that indicate information suchas the shipping address of the customer, an identifier of the itemsbeing ordered, a quantity of the items being ordered, and/or otherinformation. Additionally, the vendor order fulfillment system 138 maycommunicate one or more messages to the order execution module 108 thatindicate status updates with respect to fulfillment of the order. Forexample, the vendor order fulfillment system 138 may send one or moremessages to the order execution module 108 that indicate milestones inthe fulfillment of the order (e.g., that the goods involved in the orderhave shipped), and/or that fulfillment of the order is complete.

Alternatively or additionally, the order execution procedure (step 1120)may be or include any or any combination of the actions shown in FIG. 20, which is described in further detail below.

The message processing module 110 and/or the email interface module 112may then generate an order conclusion email message (step 1122). Theorder conclusion email message may indicate, for example, that the orderwas successfully completed, whether an error occurred that preventedsuccessful completion of the order, that the order was canceled, and/orother information. The email interface module 112 may then transmit theorder conclusion email message to the email client 122 (step 1124) inthe customer client device 120. The email client 122 may then receiveand display the order conclusion email message (step 1126). The emailclient 122 may display the order conclusion email message in an emaildisplay window (not depicted), with similar and/or analogouscharacteristics to the email display window 1500 described above withreference to FIG. 15 .

FIG. 16 shows an example order confirmation method 1118 that may beutilized. FIG. 16 shows components of the e-commerce system 100,including the message processing module 110, the order execution module108, and the email interface module 112. FIG. 16 also shows the emailclient module 122 of the customer client device 120.

The method of FIG. 16 may begin with the message processing module 110and/or the email interface module 112 generating a confirmation emailmessage (step 1602). The confirmation email message may includeinformation that indicates that an order has been placed, and may invitethe user of the email client module 122 to provide input as to whetherthe order should be completed or not. As will be described in furtherdetail below, the confirmation email message may include one or moremailto hyperlinks that describe a confirmation response email messagethat indicates whether the order should be completed or not.

Generating the confirmation email message (step 1602) may also includedetermining the email address to which the confirmation email messageshould be sent. As described above with reference to FIG. 1 , thee-commerce database 106 may store information that includes a customeridentifier and an email address for each customer. According to a firstapproach for determining the email address to which the confirmationemail message should be sent, the message processing module 110 maydetermine the customer identifier associated with the order that isbeing confirmed. The message processing module 110 may then obtain fromthe e-commerce database 106 (via the database module 104) the emailaddress that is stored in the database that is associated with thecustomer identifier. The message processing module 110 may generate theconfirmation email message such that it is addressed to the emailaddress that is stored in the database that is associated with thecustomer identifier. According to this approach, it is possible that theemail address from which the order email message was originally sent (asone example, as described above with respect to step 510 of FIG. 5 )will be different from the address to which the confirmation emailmessage is sent. According to a second approach, the message processingmodule 110 may generate the confirmation email message, such that it isaddressed to the same email address from which the order email messagewas originally sent.

The email interface module 112 may transmit the confirmation emailmessage to the email client module 122 (step 1604). The confirmationemail message may be received by the email client module 122, anddisplayed by the email client module 122 (step 1606).

Referring now to both FIG. 16 and FIG. 17 , FIG. 17 shows an emaildisplay window 1700 that may be used by the email client module 122 todisplay an example confirmation email message (step 1606). The emaildisplay window 1700 includes a Reply button 1702, a control area 1704,and a message body area 1706. These display elements 1702, 1704, 1706may possess similar and/or analogous characteristics and/or performsimilar functionality as corresponding display elements 442, 444, 446 inthe email display window 440 of FIG. 4 . According to the example ofFIG. 17 , the control area 1704 shows that the sender of the message hasthe email address “sales@company.com.” This is an email address that maybe associated with an account used by the e-commerce system 100 for thecommunication of email messages. Further to this example, the controlarea 1704 shows that the email address of the recipient of the message(John Smith) is “john.smith@customer.com.”

As shown in FIG. 17 , the message body area 1706 may include informationthat describes the order that is being confirmed. The message body area1706 also includes mailto hyperlinks, such as the “Confirm Order”hyperlink 1708 and “Cancel Order” hyperlink 1710. The “Confirm Order”hyperlink 1708 describes an email message that, if received by thee-commerce system 100, will indicate to the e-commerce system 100 thatJohn Smith would like to proceed with the order indicated by the exampleconfirmation email message. The “Cancel Order” hyperlink 1710 describesan email message that, if received by the e-commerce system 100, willindicate to the e-commerce system 100 that John Smith would like tocancel the order indicated by the example confirmation email message.

The email client module 122 may receive a user input that indicates thatone of the hyperlinks displayed in the message body area 1706 isselected. The user input may be, for example, a mouse click, keyboardinput, or any other type of input that indicates that a hyperlink isselected. Referring again to FIG. 16 , the email client module 122 may,in response to this user input, generate and display a confirmationresponse email message as specified by the selected hyperlink (step1608).

Referring now to FIG. 16 , FIG. 17 , and FIG. 18 , FIG. 18 shows anexample message composition window 1800 that may be displayed inresponse to a selection of the “Confirm Order” hyperlink 1708 from themessage body area 1706 of the email display window 1700 of FIG. 17 (step1608). The message composition window 1800 of FIG. 18 may include a Sendbutton 1802, a To area 1804, a CC area 1806, a BCC area 1808, a Subjectarea 1810, and a message body area 1812. These display elements1802-1812 may possess similar and/or analogous characteristics and/orperform similar functionality as corresponding display elements1202-1212 in the message composition window 1200 of FIG. 12 .

Referring now to FIG. 16 , FIG. 17 , and FIG. 19 , FIG. 19 shows anexample message composition window 1140 that may be displayed inresponse to a selection of the “Cancel Order” hyperlink 1710 from themessage body area 1706 of the email display window 1700 of FIG. 17 (step1608). The message composition window of FIG. 19 may include a Sendbutton 1902, a To area 1904, a CC area 1906, a BCC area 1908, a Subjectarea 1910, and a message body area 1912. These display elements1902-1912 may possess similar and/or analogous characteristics and/orperform similar functionality as corresponding display elements1202-1212 in the message composition window 1200 of FIG. 12 .

Referring again to FIG. 16 , the email client module 122 may send thegenerated confirmation response email message to the e-commerce system100 (step 1610). This may be performed in response to input from a userof the customer client device 120. As one example of an orderconfirmation, the email client module 122 may, in response to aselection of the Send button 1802 in the message composition window 1800of FIG. 18 , transmit the email message to confirm the order based onthe contents of the fields 1804-1812 in the message composition window1800.

As another example, the email client module 122 may, in response to aselection of the Send button 1902 in the message composition window 1900of FIG. 19 , transmit the email message to cancel the order based on thecontents of the fields 1904-1912 in the message composition window 1900.

The email interface module 112 and the message processing module 110 maythen receive the confirmation response email message (step 1612). Thismay include, for example, the message processing module 110 periodicallyquerying the email interface module 112 for information related to newmessages received by the email interface module 112 for one or more ofthe email accounts used by the e-commerce system 100.

Further, the message processing module 110 may validate the contents ofthe confirmation response email message by determining if the message isformatted correctly and/or includes information that it should include.For example, the message processing module 110 may be configured toexpect that the text of the confirmation response email message shouldinclude information that indicates an identifier of an order to whichthe confirmation response email message pertains.

Alternatively or additionally, the message processing module 110 mayvalidate the contents of the order email message by determining whetherit includes information that matches data stored in the e-commercedatabase 106. For example, the message processing module 110 maydetermine whether an order identifier in the confirmation response emailmessage corresponds to a valid order identifier. In an instance wherethe message processing module 110 determines that the informationincluded in the order email message is invalid (e.g., if an orderidentifier in the message is not a valid order identifier), the messageprocessing module 110 may send one or more emails (not depicted) to theemail address from which the confirmation response email message wasreceived, indicating that the confirmation response email message couldnot be correctly processed.

The message processing module 110 and/or the order execution module 108may then determine whether the order should be executed (step 1614).This may be based on, for example, the contents of the confirmationresponse email message. In an instance where the confirmation responseemail message indicates that the order should be canceled, the messageprocessing module 110 and/or the order execution module 108 maydetermine that the order should be canceled. In an instance where theconfirmation response email message indicates that the order should beexecuted, the message processing module 110 and/or the order executionmodule 108 may determine that the order should be executed.

FIG. 20 shows an example order execution method 2000 that may beutilized. FIG. 12 shows the order execution module 108 and the databasemodule 106 of the e-commerce system 100, as well as the paymentprocessing system 136 and the vendor order fulfillment system 138.

The method of FIG. 20 may begin with the order execution module 108obtaining credit card information associated with the customer for whomthe order will be executed (step 2002). This may include the obtainingthe credit card information from the e-commerce database 106 via thedatabase module 104. The credit card information may include a creditcard number and an expiration date.

The order execution module 108 may then communicate with the paymentprocessing module 136 to put a preauthorization hold on the customer'saccount for the amount required for the order (step 2004). This mayinclude, for example, the order execution module 108 sending one or moremessages to the payment processing system 136 that include the creditcard information and the amount that should be held. This may alsoinclude the payment processing system 136 sending one or more messagesto the order execution module 108 that indicate that the hold wassuccessfully placed on the customer's account.

The order execution module 108 and the payment processing module 136 maythen communicate to fulfill the order (step 2006). This may include, forexample, the order execution module 108 sending one or more messages tothe vendor order fulfillment system 138 that include information such asthe shipping address of the customer, an identifier of the items beingordered, a quantity of the items being ordered, and/or otherinformation. This may also include the vendor order fulfillment system138 sending one or more messages to the order execution module 108 thatindicate status updates with respect to fulfillment of the order. Forexample, the vendor order fulfillment system 138 may send one or moremessages to the order execution module 108 that indicate progress withrespect to the fulfillment of the order, and/or that fulfillment of theorder is complete.

The order execution module 108 may then communicate with the paymentprocessing system 136 to charge the customer's account for the amountassociated with the order (step 2008). This may include the orderexecution module 108 sending one or more messages to the paymentprocessing system that indicate that the customer's account should becharged for the amount associated with the order. This may also includethe payment processing system 136 sending one or more messages to theorder execution module 108 that indicate that the customer's account wassuccessfully charged.

Charging the customer's account (step 2008) maybe performed in responseto the order execution module 108 receiving information from the vendororder fulfillment system 138 that indicates that the order has beencompleted. Alternatively, the order execution module 108 may determinethat, if a preconfigured amount of time (e.g., forty-eight hours) haspassed since an order had been first communicated to the orderfulfillment system 138 (step 2006) and no error or cancellation messageshad been received by the order execution module 108 from the orderfulfillment system 138, the order had been successfully fulfilled andthat the customer's account should be charged. The order executionmodule 108 may then communicate (step 2008) with the payment processingsystem 136 to charge the customer's account in response to thisdetermination. Alternatively or additionally, a vendor may communicatewith the account management module 102 in the e-commerce system 100 toprovide information via a web interface that indicates that an order hasbeen fulfilled. In such an instance, the account management module 102may store information in the e-commerce database 106 that indicates thatthe order has been fulfilled.

The order execution module 108 may periodically obtain data from thee-commerce database via the database module 104 that reflects whetherthe order has been fulfilled. If the order execution module 108 obtainsinformation that indicates that the order has been fulfilled, the orderexecution module 108 may determine that the customer's account should becharged; the order execution module 108 may then communicate (step 2008)with the payment processing system 136 to charge the customer's accountin response to this determination.

FIG. 21 shows an example system 2100 that may be used to implementfeatures described hereinbefore. The example system 2100 includes ane-commerce server 2102, a client device 2114, and one or more networks2112.

The e-commerce server 2102 may include at least one processor 2104,memory device 2106, network interface 2110, and storage device 2108. Theclient device 2114 may include at least one processor 2118, memorydevice 2122, network interface 2126, input device interface 2116,display device interface 2120, and storage device 2124.

The e-commerce server 2102 may be configured to perform any feature orcombination of features described hereinbefore as performed by theaccount management module 102, database module 104, order executionmodule 108, message processing module 110, and/or email interface module112. The client device 2114 may be configured to perform any feature orcombination of features described hereinbefore as performed by the emailclient module 122 and/or the web browser module in the customer clientdevice 120. The client device 2114 may be, for example, a desktopcomputer, a laptop computer, a netbook, a smartphone (as shown in FIG. 2), a tablet computer (as shown in FIG. 3 ), a personal digital assistant(PDA), a cellular phone, or any other appropriate device.

Each or any of the memory devices 2106, 2122 may be or include a devicesuch as a Dynamic Random Access Memory (D-RAM), Static RAM (S-RAM), orother RAM or a flash memory. Each or any of the storage devices 2108,2124 may be or include a hard disk, a magneto-optical medium, an opticalmedium such as a CD-ROM, a digital versatile disk (DVDs), or Blu-Raydisc (BD), or other type of device for electronic data storage. Thestorage device 2108 in the e-commerce server 2102 may store theinformation or any subset of the information described hereinbefore asstored in the e-commerce database 106.

Each or any of the network interfaces 2110, 2126 may be, for example, acommunications port, a wired transceiver, or a wireless transceiver.Each or any of the network interfaces 2110, 2126 may be capable ofcommunicating using technologies such as Ethernet, fiber optics,microwave, xDSL (Digital Subscriber Line), Wireless Local Area Network(WLAN) technology, wireless cellular technology, and/or any otherappropriate technology. The network interfaces 2110, 2126 may be used bythe e-commerce server 2102 and/or the client device 2114 to communicatevia the one or more networks 2112. The network interface 2110 in thee-commerce server 2102 may be configured to communicate any of themessages and/or other information described hereinbefore as communicatedby the account management module 102, database module 104, orderexecution module 108, message processing module 110, and/or emailinterface module 112.

The network interface 2126 in the client device 2114 may be configuredto communicate any of the messages and/or other information describedhereinbefore as communicated by the email client module 122 and/or bythe web browser module in the customer client device 120 used forcommunicating with the account management module 102.

The one or more networks 2112 may include one or more private networksand/or one or more public networks such as the Internet. The one or morenetworks 2112 may be based on wired and/or wireless networkingtechnologies.

The input device interface 2116 in the client device 2114 may be aninterface configured to receive input from an input device such as akeyboard, a mouse, a trackball, a scanner, a touch screen, a touch pad,a stylus pad, and/or other device. The input device interface 2116 mayoperate using a technology such as Universal Serial Bus (USB), PS/2,Bluetooth, infrared, and/or other appropriate technology. The inputdevice interface 2116 may be configured to receive any or anycombination of the user input described hereinbefore as received by theby the email client module 122 and/or by the web browser module 124 inthe customer client device 120 used for communicating with the accountmanagement module 102.

The display device interface 2120 may be an interface configured tocommunicate data to a display device (not depicted). The display deviceinterface 2120 may operate using technology such as Video Graphics Array(VGA), Super VGA (S-VGA), Digital Visual Interface (DVI),High-Definition Multimedia Interface (HDMI), or other appropriatetechnology. The client device 2114 may include or be connected to adisplay device (not depicted) via the display device interface 2120. Thedisplay device may be, for example, a monitor or television display, aplasma display, a liquid crystal display (LCD), and/or a display basedon a technology such as front or rear projection, light emitting diodes(LEDs), organic light-emitting diodes (OLEDs), or Digital LightProcessing (DLP). The display device may be configured to display, basedon data received via the display device interface 2120, any displayelements described hereinbefore as displayed by the email client module122 and/or by the web browser module 124 in the customer client device120.

The memory device 2106 and/or the storage device 2108 of the e-commerceserver 2102 may store instructions which, when executed by the at leastone processor 2104, cause the at least one processor 2104 to perform anyfeature or combination of features described hereinbefore as performedby the account management module 102, database module 104, orderexecution module 108, message processing module 110, and/or emailinterface module 112. The memory device 2122 and/or the storage device2124 of the client device 2114 may store instructions which, whenexecuted by the at least one processor 2118, cause the at least oneprocessor 2118 to perform any feature or combination of featuresdescribed hereinbefore as performed by the email client module 122and/or by the web browser module 124 in the customer client device 120used for communicating with the account management module 102.

Although FIG. 21 shows a single e-commerce server 2102 and a singleclient device 2114, the functionality described above with reference toFIG. 21 as performed by the e-commerce server 2102 and/or the clientdevice 2114 may be distributed across any number of devices thatpossesses similar characteristics and/or that include similar components2104, 2106, 2108, 2110, 2118, 2120, 2122, 2124, 2128 as the e-commerceserver 2102 and/or the client device 2114.

While examples are provided above hereinbefore which includes the use ofemail communications, those features may also be implemented usingdifferent types of communications technology. For example, the featuresdescribed hereinbefore may also be implemented, mutatis mutantis, usingtechnologies that include any one or any combination of: email; instantmessaging; enterprise messaging; Short Message Service (SMS); MultimediaMessaging Service (MMS); and/or any other appropriate technology for theelectronic communication of data.

As use herein, the term “vendor” broadly refers to and is not limited toa business, a non-profit organization, any other type of organization,and/or an individual person. One example of a business is an onlineretailer. Examples of non-profit organizations include charitableorganizations, educational institutions such as schools anduniversities, arts organizations, and recreational organizations.Examples of recreational organizations include historical orpreservation societies, local recreational sports leagues.

As used herein, the term “processor” broadly refers to and is notlimited to a single- or multi-core general purpose processor, a specialpurpose processor, a conventional processor, a digital signal processor(DSP), a plurality of microprocessors, one or more microprocessors inassociation with a DSP core, a controller, a microcontroller, one ormore Application Specific Integrated Circuits (ASICs), one or more FieldProgrammable Gate Array (FPGA) circuits, any other type of integratedcircuit (IC), a system-on-a-chip (SOC), and/or a state machine.

As used to herein, the term “computer-readable storage medium” broadlyrefers to and is not limited to a register, a cache memory, a ROM, asemiconductor memory device (such as a D-RAM, S-RAM, or other RAM), amagnetic medium such as a flash memory, a hard disk, a magneto-opticalmedium, an optical medium such as a CD-ROM, a DVDs, or BD, or other typeof device for electronic data storage.

Although features and elements are described above in particularcombinations, each feature or element can be used alone or in anycombination with or without the other features and elements. Forexample, each feature or element as described hereinbefore may be usedalone without the other features and elements or in various combinationswith or without other features and elements. Sub-elements of the methodsand features described hereinbefore may be performed in any arbitraryorder (including concurrently), in any combination or sub-combination.

What is claimed is:
 1. A method for improving security of an e-commercetransaction using Simple Mail Transfer Protocol (SMTP), the methodcomprising: storing, by a processor of an e-commerce system, informationin a database, wherein the information includes an identifier of acustomer, and an email address of the customer; transmitting, by theprocessor, an advertising email message to the email address of thecustomer via SMTP, wherein the advertising email message includes amailto hyperlink that when activated generates an order email message;receiving, by the processor, the order email message via SMTP, whereinthe order email message indicates an order by the customer for a productidentified in the advertising email message, wherein the order emailmessage is addressed to an email address of the e-commerce system, andincludes the identifier of the customer; authenticating, by theprocessor, a sender of the order email message as the customer based onthe information stored in the database; and on a condition that thesender is authenticated as the customer, performing, by the processor,an order execution procedure based on the order email message, whereinthe order execution procedure includes purchasing the product for thecustomer.
 2. The method of claim 1, wherein the order executionprocedure includes: transmitting, by the processor, one or more messagesto a payment processing system.
 3. The method of claim 2, furthercomprising: storing, by the processor, credit card information of thecustomer in the database; wherein the one or more messages include thecredit card information of the customer, and wherein the paymentprocessing system is a payment gateway that is operated by an acquiringfinancial institution.
 4. The method of claim 1, wherein the orderexecution procedure includes: transmitting, by the processor, one ormore messages to an order fulfillment system.
 5. The method of claim 1,further comprising: on a condition that the sender is not authenticatedas the customer, performing an order confirmation procedure.
 6. Themethod of claim 5, wherein the order confirmation procedure includes:transmitting, by the processor, a confirmation email message via SMTPthat solicits the customer to confirm the order email message, whereinthe confirmation email message is addressed to the email address of thecustomer, and includes a second mailto hyperlink, wherein the secondmailto hyperlink includes: a second destination address field thatindicates the email address of the e-commerce system; and a second bodyfield that indicates a second email body that includes an orderidentifier associated with the order email message; receiving, by theprocessor, a confirmation response email message in response to theconfirmation email message via SMTP, wherein the confirmation responseemail message is addressed to the email address of the e-commercesystem, and a body of the confirmation response email message includesthe order identifier and response information that indicates whether theorder is confirmed or canceled; and performing, by the processor, theorder execution procedure when the response information that indicatesthat the order is confirmed.
 7. An e-commerce system that improvessecurity of an e-commerce transaction using Simple Mail TransferProtocol (SMTP), the e-commerce system comprising: a memory that storesa database of information, wherein the database includes an identifierof a customer and an email address of the customer; a network interface;and a processor that is communicatively coupled to the memory and thenetwork interface, wherein the processor configured to: transmit, usingthe network interface, an advertising email message, to the emailaddress of the customer via SMTP, wherein the advertising email messageincludes a mailto hyperlink that when activated generates an order emailmessage, receive, using the network interface, the order email messagevia SMTP, wherein the order email message indicates an order by thecustomer for a product identified in the advertising email message,wherein the order email message is addressed to an email address of thee-commerce system, and includes the identifier of the customer;authenticate, using the memory a sender of the order email message asthe customer based on the database, and on a condition that the senderis authenticated as the customer, perform an order execution procedurebased on the order email message, wherein the order execution procedureincludes purchasing the product for the customer.
 8. The e-commercesystem of claim 7, wherein the order execution procedure includes:transmitting, by the processor, one or more messages to a paymentprocessing system using the network interface.
 9. The e-commerce systemof claim 8, wherein: the database stores credit card information of thecustomer; the one or more messages include the credit card informationof the customer; and the payment processing system is a payment gatewaythat is operated by an acquiring financial institution.
 10. Thee-commerce system of claim 7, wherein the order execution procedureincludes: transmitting, by the processor, one or more messages to anorder fulfillment system using the network interface.
 11. The e-commercesystem of claim 7, wherein on a condition that the sender is notauthenticated as the customer, the processor is further configured toperform an order confirmation procedure.
 12. The e-commerce system ofclaim 11, wherein the order confirmation procedure includes:transmitting, by the processor using the network interface via SMTP, aconfirmation email message that solicits the customer to confirm theorder email message, wherein the confirmation email message is addressedto the email address of the customer, and includes a second mailtohyperlink, wherein the second mailto hyperlink includes: a seconddestination address field that indicates the email address of thee-commerce system; and a second body field that indicates a second emailbody that includes an order identifier associated with the order emailmessage; receiving, by the processor using the network interface, aconfirmation response email message in response to the confirmationemail message via SMTP, wherein the confirmation response email messageis addressed to the email address of the e-commerce system, and a bodyof the confirmation response email message includes the order identifierand response information that indicates whether the order is confirmedor canceled; and performing, by the processor, the order executionprocedure when the response information indicates that the order isconfirmed.
 13. A non-transitory computer-readable storage medium havingprocessor-executable instructions stored thereon which, that whenexecuted by a processor of an e-commerce system, cause the processor toperform a method that improves security of an e-commerce transaction byusing Simple Mail Transfer Protocol (SMTP), the method comprising:storing, by the processor, information in a database, wherein theinformation includes an identifier of a customer and an email address ofthe customer; transmitting, by the processor, an advertising emailmessage to the email address of the customer via SMTP, wherein theadvertising email message includes a mailto hyperlink that whenactivated generates an order email message; receiving, by the processor,the order email message via SMTP, wherein the order email messageindicates an order by the customer for a product identified in theadvertising email message, wherein the order email message is addressedto an email address of the e-commerce system, and the identifier of thecustomer; authenticating, by the processor, a sender of the order emailmessage as the customer based on the information stored in the database;and on a condition that the sender is authenticated as the customer,performing, by the processor, an order execution procedure based on theorder email message, wherein the order execution procedure includespurchasing the product for the customer.
 14. The non-transitorycomputer-readable storage medium of claim 13, wherein the orderexecution procedure includes: transmitting, by the processor, one ormore messages to a payment processing system.
 15. The non-transitorycomputer-readable storage medium of claim 14, wherein the databasefurther stores credit card information of the customer; the one or moremessages include the credit card information of the customer, and thepayment processing system is a payment gateway that is operated by anacquiring financial institution.
 16. The non-transitorycomputer-readable storage medium of claim 13, wherein the orderexecution procedure includes: transmitting, by the processor, one ormore messages to an order fulfillment system.
 17. The non-transitorycomputer-readable storage medium of claim 13, wherein the method furthercomprises: on a condition that the sender is not authenticated as thecustomer, performing an order confirmation procedure.
 18. Thenon-transitory computer-readable storage medium of claim 17, wherein theorder confirmation procedure includes: transmitting, by the processor, aconfirmation email message via SMTP that solicits the customer toconfirm the order email message, wherein the confirmation email messageis addressed to the email address of the customer, and includes a secondmailto hyperlink, wherein the second mailto hyperlink includes: a seconddestination address field that indicates the email address of thee-commerce system; and a second body field that indicates a second emailbody that includes an order identifier associated with the order emailmessage; receiving, by the processor, a confirmation response emailmessage to the confirmation email message via SMTP, wherein theconfirmation response email message is addressed to the email address ofthe e-commerce system, and a body of the confirmation response emailmessage includes the order identifier and response information thatindicates whether the order is confirmed or canceled; and performing, bythe processor, the order execution procedure when the responseinformation indicates that the order is confirmed.